-
Notifications
You must be signed in to change notification settings - Fork 824
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Using Google as Identity Provider causes org.springframework.security.jwt.crypto.sign.InvalidSignatureException #565
Comments
We have created an issue in Pivotal Tracker to manage this: https://www.pivotaltracker.com/story/show/141727349 The labels on this github issue will be updated when the story is started. |
Prior to our v251 to v253 CF upgrade, logging in with google OpenID Connect seemed to be working, however once we'd upgraded to v253 we encountered the error: "There was an error when authenticating against the external identity provider: Could not verify token signature." As suggested in cloudfoundry/uaa#565, a tokenKeyURL has been added. https://www.googleapis.com/oauth2/v3/certs was used instead of the URL suggested there, as this is the URL returned from https://accounts.google.com/.well-known/openid-configuration
Prior to our v251 to v253 CF upgrade, logging in with google OpenID Connect seemed to be working, however once we'd upgraded to v253 we encountered the error: "There was an error when authenticating against the external identity provider: Could not verify token signature." As suggested in cloudfoundry#565, a tokenKeyURL has been added. https://www.googleapis.com/oauth2/v3/certs was used instead of the URL suggested there, as this is the URL returned from https://accounts.google.com/.well-known/openid-configuration
@tnwang Is this the case. Does the doc need to be updated? |
We should update the document so that people always use the latest information from |
Closing this story as the March 27th merge had actually provided the fix in the specified document. |
I followed the instructions here but got the error above. Had to add this to my custom yml configuration:
If the solution has any merit I think the document should be updated.
Tks in advance.
The text was updated successfully, but these errors were encountered: